Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
File:                     5xHIkR7brjbfGoC76BSyWg-UOfo.mft (raw, json)
Hash identifier:          oZaM0CRQfvew+j2bP9doQUA1J6WRf7sonMG7p6g1G1o=
Subject key identifier:   05:20:E2:43:75:DB:3B:5C:15:67:5F:EA:56:80:04:3E:03:28:53:F7
Authority key identifier: E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA
Certificate issuer:       /CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
Certificate serial:       019CAD5A0E53CFB1CF321607401949141D9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
Manifest number:          0B64
Signing time:             Mon 02 Mar 2026 07:01:25 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:25 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:25 +0000
Files and hashes:         1: 5xHIkR7brjbfGoC76BSyWg-UOfo.crl (hash: dpxoOHZoXA2+t+OVb/y6jUg7+KxAftd7DcRT1dCliYc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:0e:53:cf:b1:cf:32:16:07:40:19:49:14:1d:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
        Validity
            Not Before: Mar  2 07:01:25 2026 GMT
            Not After : Mar  3 07:01:25 2026 GMT
        Subject: CN=0520e24375db3b5c15675fea5680043e032853f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:26:f5:6f:1c:dd:c0:dd:d0:95:08:af:44:6e:
                    fa:6c:37:db:cc:e7:da:3a:a6:59:ad:5d:90:5e:b0:
                    6b:7e:db:65:30:4e:63:42:91:42:71:98:b0:c5:b0:
                    53:26:85:1e:d4:1e:02:ec:9f:61:13:46:65:32:19:
                    02:96:c2:92:86:82:57:f6:e2:00:b5:d8:04:8d:b5:
                    54:25:93:1b:c7:ef:3b:9b:8a:b6:bc:65:b8:a0:e7:
                    79:1b:ee:40:33:71:3a:01:b8:00:5c:49:82:9a:14:
                    be:8e:9e:fc:d8:61:c0:a2:7a:4a:32:e9:c2:ad:42:
                    f2:f9:d9:c9:0f:6a:b2:1a:6e:6a:c4:27:22:b9:57:
                    27:19:4b:4f:da:c5:cb:ef:97:8d:fc:51:9c:16:53:
                    00:7a:92:55:bd:e8:16:de:33:39:97:98:3a:53:11:
                    0c:79:a6:bd:65:8c:fe:9c:03:23:44:7a:e9:49:29:
                    47:00:aa:f4:84:71:2a:31:f7:68:8d:a5:89:10:e4:
                    b5:1f:11:f8:20:cb:bf:0d:e0:d3:9c:39:56:f1:19:
                    88:9c:2b:31:1f:29:7e:79:94:55:a3:e9:60:98:f6:
                    20:4d:21:84:8d:56:6a:4a:f5:99:fc:94:d7:39:6b:
                    40:78:8a:95:83:c5:95:62:21:1b:a8:00:bc:5b:6e:
                    e2:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:20:E2:43:75:DB:3B:5C:15:67:5F:EA:56:80:04:3E:03:28:53:F7
            X509v3 Authority Key Identifier:
                keyid:E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:f5:1d:39:d1:4b:13:83:82:25:61:cf:3f:3a:50:1e:4e:5a:
         31:76:2f:db:4f:75:e5:3d:45:ad:e6:c4:e7:64:9d:74:9f:5b:
         b6:38:94:54:75:17:8e:14:d6:fe:56:b8:fd:21:2f:8d:24:c7:
         1c:e6:0e:80:71:70:c8:62:af:1d:52:d1:17:36:b4:a3:4f:f5:
         8a:8a:ba:03:58:1c:95:6c:f5:f6:d6:2f:25:e2:66:b7:f5:ca:
         a9:0c:00:4f:53:15:1a:73:8b:21:3d:35:56:ca:94:60:4b:cc:
         85:bf:cc:06:f2:b6:1a:d6:ab:f0:ea:04:6a:d0:d0:46:93:0a:
         a3:ff:e2:b1:87:9d:97:71:01:ae:1e:ec:02:5c:0f:b8:b3:b1:
         da:d8:2a:26:6f:56:36:15:cf:57:9a:48:5b:c9:90:a1:52:e8:
         20:49:a5:6f:48:3c:11:5e:51:ed:14:ff:d1:73:8e:9e:8e:3f:
         9b:94:07:b3:47:b9:1d:98:ad:b9:56:75:f3:7a:36:ae:d3:40:
         81:73:d9:21:51:e2:05:cf:b8:bc:55:1d:35:06:a8:ad:08:dc:
         f8:c2:f2:38:4a:d1:48:66:f8:bf:ad:ea:fd:06:d8:15:a2:d5:
         af:ef:58:b6:e4:3d:b5:23:05:0f:54:55:19:3e:51:3b:71:71:
         05:72:3c:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWg5Tz7HPMhYHQBlJFB2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTFjODkxMWVkYmFlMzZkZjFhODBiYmU4MTRiMjVhMGY5
NDM5ZmEwHhcNMjYwMzAyMDcwMTI1WhcNMjYwMzAzMDcwMTI1WjAzMTEwLwYDVQQD
EygwNTIwZTI0Mzc1ZGIzYjVjMTU2NzVmZWE1NjgwMDQzZTAzMjg1M2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSb1bxzdwN3QlQivRG76bDfbzOfa
OqZZrV2QXrBrfttlME5jQpFCcZiwxbBTJoUe1B4C7J9hE0ZlMhkClsKShoJX9uIA
tdgEjbVUJZMbx+87m4q2vGW4oOd5G+5AM3E6AbgAXEmCmhS+jp782GHAonpKMunC
rULy+dnJD2qyGm5qxCciuVcnGUtP2sXL75eN/FGcFlMAepJVvegW3jM5l5g6UxEM
eaa9ZYz+nAMjRHrpSSlHAKr0hHEqMfdojaWJEOS1HxH4IMu/DeDTnDlW8RmInCsx
Hyl+eZRVo+lgmPYgTSGEjVZqSvWZ/JTXOWtAeIqVg8WVYiEbqAC8W27i7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAUg4kN12ztcFWdf6laABD4DKFP3MB8GA1UdIwQY
MBaAFOcRyJEe26423xqAu+gUsloPlDn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQt
MDNhNGRkNGE5MTU2LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQtMDNhNGRkNGE5MTU2
LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEvUdOdFL
E4OCJWHPPzpQHk5aMXYv20915T1FrebE52SddJ9btjiUVHUXjhTW/la4/SEvjSTH
HOYOgHFwyGKvHVLRFza0o0/1ioq6A1gclWz19tYvJeJmt/XKqQwAT1MVGnOLIT01
VsqUYEvMhb/MBvK2Gtar8OoEatDQRpMKo//isYedl3EBrh7sAlwPuLOx2tgqJm9W
NhXPV5pIW8mQoVLoIEmlb0g8EV5R7RT/0XOOno4/m5QHs0e5HZituVZ183o2rtNA
gXPZIVHiBc+4vFUdNQaorQjc+MLyOErRSGb4v63q/QbYFaLVr+9YtuQ9tSMFD1RV
GT5RO3FxBXI8EA==
-----END CERTIFICATE-----